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DETAILED ACTION 

1 . Claims 1 , 4, 7, 1 0, 1 3-1 5, 20-21 , and 24-29 are pending. 



Response to Arguments 

2. The applicant's arguments with respect to the 35 USC 112 second paragraph 
rejections directed at claims 1 , 4, 7, and 13 have been persuasive and those 
rejections have been withdrawn. 



3. The applicant argues that the rejections under the 35 USC 1 1 2 of claims 1 5, 20, 
and 21 is improper as they recite an apparatus comprising a processor, and the 
claims are defined by the functions of the processor, and therefore the apparatus 
is defined by a processor that performs the functions listed in the claims. 



4. The rejections have been withdrawn in view of the arguments, as the applicant 
has indicated that the actual structure of the apparatus is limited to the 
processor. However, the examiner reiterates, according to the MPEP 
2106(IV)(B), "[njote that an apparatus claim with process steps is not classified 
as a "hybrid" claim; instead, it is simply an apparatus claim including functional 
limitations." Further, "[wjhile features of an apparatus may be recited either 
structurally or functionally, claims directed to an apparatus must be distinguished 
from the prior art in terms of structure rather than function" and "apparatus claims 
cover what a device is, not what a device does." See MPEP 2114. See also 



Application/Control Number: 10/659,774 Page 3 

Art Unit: 2452 

MPEP 21 1 1 .04 ("Claim scope is not limited by claim language that suggests or 
makes optional but does not require steps to be performed, or by claim language 
that does not limit a claim to a particular structure"). 

Thus, because the claims are apparatus claims, those functional limitations 
may simply be ignored because they do not limit the apparatus to a particular 
structure. That is, since "claims directed to an apparatus must be distinguished 
from the prior art in terms of structure rather than function," what, structurally, in 
these claims is different than any computer with a processor? Basically, for the 
claims in question, the applicant has simply claimed a processor and the 
examiner strongly urges the applicant to recite limiting structure in these 
apparatus claims. 

5. The applicant argues with respect to the independent claims that both O'Neill 
does not disclose or suggest that the terminal has a reauthentication identity 
transmitted to it. Further, the applicant contends, the second reference, 
Westerdal is completely silent regarding reauthentication, and does not disclose 
a reauthentication identity including a unique realm name identifying an 
authentication server. 

6. The examiner disagrees. First, O'Neill discloses transmitting to the terminal a 
reauthentication identity including a unique realm name uniquely identifying an 
authentication server ([0053], lines 13-17, the NAI (reauthentication identity) of 
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any end node (terminal) includes a realm name and identifies the home 
authentication server; it is essential that the realm name is transmitted to the 
mobile device). That is, O'Neill discloses transmission of a reauthentication 
identity to a terminal in a broad sense, but, O'Neill may not explicitly disclose the 
transmission to the terminal of the reauthentication identity is in response to the 
request for the full authentication of terminal. Rather, O'Neill simply discloses the 
terminal has a reauthentication identity and is full authenticated, but is silent in 
regards to the order in which those steps occur. The Westerdal reference was 
relied upon to disclose transmission in response to a specific request as 
elaborated on below. 

Westerdal discloses transmitting a reauthentication identity to a terminal in 
response to a full authentication request ([0037], client receives a new APID 
which identifies the authentication server (see for example, [0036], lines 5-9); 
further this is a reauthentication identity as it is used in subsequent 
authentications as described in [0036], i.e. if the cookie contains a known APID 
has already gone through the processes described in [0037]). 

Claim Rejections - 35 USC §103 

7. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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8. Claims 1 , 4, 7, 1 0, 1 3-1 5, 20-21 , and 24-29 are rejected under 35 U.S.C. 1 03(a) 
as being unpatentable over O'Neill (US Pub. No. 2003/0176188) in view of 
Westerdal (US Pub. No. 2002/0133719). 

9. As to claim 1 , O'Neill discloses a method, comprising: 

receiving a request for full authentication of a terminal ([0031 ], lines 1 -8, every 
mobile device (terminal or end node) will have a home AAA server (see Fig. 1), 
at this home AAA server will be stored service profiles that inherently require full 
authentication of that particular mobile device); 

transmitting to the terminal a reauthentication identity including a unique 
realm name uniquely identifying an authentication server ([0053], lines 13-17, the 
NAI (reauthentication identity) of any end node (terminal) includes a realm name 
and identifies the home authentication server; it is essential that the realm name 
is transmitted to the mobile device); 

receiving a request for reauthentication from the terminal, the request for 
reauthentication including the reauthentication identity including the unique realm 
name uniquely identifying the authentication server ([0053], lines 13-23, any end 
node (terminal) sending an authentication request identifying its home 
authentication server (via a "reauthentication identity") reads upon "a request for 
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reauthentication" as the end node was previously authorized by it's home 
authentication server, as that server stores it's service profile); 

wherein the request for reauthentication is routed to the authentication server 
according to the unique ream name included in the request for reauthentication 
([0053], lines 16-23). 

But, O'Neill may not explicitly disclose the transmission to the terminal of the 
reauthentication identity is in response to the request for the full authentication of 
terminal. Rather, O'Neill simply discloses the terminal has a reauthentication 
identity and is full authenticated, but is silent in regards to the order in which 
those steps occur. 

However, Westerdal discloses transmitting a reauthentication identity to a 
terminal in response to an authentication request ([0037], client receives a new 
APID which identifies the authentication server (see for example, [0036], lines 5- 
9); further this is a reauthentication identity as it is used in subsequent 
authentications as described in [0036], i.e. if the cookie contains a known APID 
has already gone through the processes described in [0037])). 

Therefore it would have been obvious to one of ordinary skill in the art at the 
time of the invention to combine the teachings of O'Neill and Westerdal because 
the substitution of one known element (i.e. Westerdal's method of providing a 
reauthentication identity) for another would have yielded predictable results (fast 
reauthentication for network devices, i.e. the end result of both Westerdal and 
O'Neill) to one of ordinary skill in the art. 
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10. As to claims 4, 7, 13, 15, and 20, they are rejected by the same rationale set 
forth in claim 1's rejection. 

1 1 .As to claim 10, O'Neill discloses a system comprising: 

a first authentication server configured to receive a request for full 
authentication of a terminal ([0031], lines 1-8, every mobile device (terminal or 
end node) will have a home AAA server (first authentication server) (see Fig. 1), 
at this home AAA server will be stored service profiles that inherently require full 
authentication of that particular mobile device), and configured to transmit to the 
terminal a reauthentication identity including a unique realm name uniquely 
identifying the first authentication server ([0053], lines 13-17, the NAI 
(reauthentication identity) of any end node (terminal) includes a realm name and 
identifies the home authentication server; that realm name inherently is 
transmitted to the mobile device); and 

a second authentication server configured to receive a request for 
reauthentication from the terminal, the request for reauthentication including the 
reauthentication identity including the unique realm name identifying the first 
authentication service ([0053], lines 13-23, any end node (terminal) sending an 
authentication request identifying its home authentication server (via a 
"reauthentication identity") to a visited AAA server (second authentication server) 
reads upon "a request for reauthentication" as the end node was previously 
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authorized by it's home authentication server, as that server stores it's service 
profile), and configured to route the request for reauthentication to the first 
authentication server according to the unique realm name identifying the first 
authentication server ([0053], lines 16-23). 

But, O'Neill may not explicitly disclose the transmission to the terminal of the 
reauthentication identity is in response to the request for the full authentication of 
terminal. Rather, O'Neill simply discloses the terminal has a reauthentication 
identity and is full authenticated, but is silent in regards to the order in which 
those steps occur. 

However, Westerdal discloses transmitting a reauthentication identity to a 
terminal in response to an authentication request ([0037], client receives a new 
APID which identifies the authentication server (see for example, [0036], lines 5- 
9); further this is a reauthentication identity as it is used in subsequent 
authentications as described in [0036], i.e. if the cookie contains a known APID 
has already gone through the processes described in [0037])). 

Therefore it would have been obvious to one of ordinary skill in the art at the 
time of the invention to combine the teachings of O'Neill and Westerdal because 
the substitution of one known element (i.e. Westerdal's method of providing a 
reauthentication identity) for another would have yielded predictable results (fast 
reauthentication for network devices, i.e. the end result of both Westerdal and 
O'Neill) to one of ordinary skill in the art. 
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12. As to claims 27 and 29, O'Neill discloses a method for use by a terminal, they are 
rejected by the same rationale set forth in claim 10's rejection 

13. As to claim 24, O'Neill discloses wherein the authentication network element is 
an authentication server (Fig. 5, label 114). 

14. As to claim 25, O'Neill discloses wherein the authentication network element is a 
proxy server (Fig. 5, label 135). 

15. As to claim 26, O'Neill discloses wherein the authentication network element is a 
service access point for authentication by an authentication server (Fig. 5, label 
128). 

16. Claims 14 and 21, are rejected under 35 U.S.C. 103(a) as being unpatentable 
over O'Neill in view of Westerdal as applied to claims 13 and 20 above, and in 
view of Barriga-Caceres et al (US Pub No. 2003/0163733), hereafter "Barriga." 

17. As to claims 14 and 21 , O'Neill and Westerdal do not explicitly disclose wherein 
the means for transmitting to an authentication network element a request for 
reauthentication using the reauthentication identity including the unique realm 
name includes the reauthentication identity in an identity response packet 
according to an Extensible Authentication Protocol. 
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However, Barriga discloses an authentication system (Abstract) that utilizes 
an Extensible Authentication Protocol ([0101]). 

Therefore it would have been obvious to one of ordinary skill in the art at the 
time of the invention to combine the teachings of O'Neill and Westerdal with 
Barriga in order to utilize a well-known protocol in the art that would allow 
O'Neill's system to be compatible with other, already deployed, systems. 

Conclusion 

18. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .1 36(a). 

19. A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed 
within TWO MONTHS of the mailing date of this final action and the advisory 
action is not mailed until after the end of the THREE-MONTH shortened statutory 
period, then the shortened statutory period will expire on the date the advisory 
action is mailed, and any extension fee pursuant to 37 CFR 1 .136(a) will be 
calculated from the mailing date of the advisory action. In no event, however, will 
the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

20. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Thomas J. Dailey whose telephone number is 
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571-270-1246. The examiner can normally be reached on Monday thru Friday; 
9:00am - 5:00pm. 

21 . If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Thu Nguyen can be reached on 571-272-6967. The fax phone 
number for the organization where this application or proceeding is assigned is 
571-273-8300. 

22. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR 
only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). If you would like assistance from a USPTO Customer Service 
Representative or access to the automated information system, call 800-786- 
9199 (IN USA OR CANADA) or 571-272-1000. 

/Patrice L Winder/ 

Primary Examiner, Art Unit 2452 

IT. J. DJ 

Examiner, Art Unit 2452 



